Severity by source
AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Crafted HTML page delivered over network (AV:N), reliable GPU memory leak requires conditions outside attacker control (AC:H), no authentication needed (PR:N), user must visit page (UI:R), confidentiality-only impact with no integrity or availability effect.
Primary rating from Vendor (Chrome).
CVSS VectorVendor: Chrome
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Lifecycle Timeline
4DescriptionCVE.org
Uninitialized Use in GPU in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)
AnalysisAI
Uninitialized GPU memory use in Google Chrome on Android before 149.0.7827.197 exposes process memory contents to remote attackers without requiring authentication. An attacker who induces a user to load a crafted HTML page can read potentially sensitive data from Chrome's GPU process memory, consistent with the High confidentiality impact assigned in the CVSS vector. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the target to be running Google Chrome on Android with a version prior to 149.0.7827.197, and the user must actively navigate to a crafted HTML page under attacker control (UI:R). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 base score of 5.3 (Medium) reflects AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N - remote delivery via a crafted HTML page, high attack complexity, no privileges required, but mandatory user interaction and no integrity or availability impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker registers or compromises a website and embeds a crafted HTML page designed to trigger the uninitialized GPU memory path in Chrome's Android rendering pipeline. A target user is directed to the page via a phishing message or malicious advertisement; upon rendering, the page causes Chrome to read and expose uninitialized GPU memory, potentially leaking sensitive fragments of previously processed data back to the attacker. … |
| Remediation | The vendor-released patch is Google Chrome 149.0.7827.197 for Android; users should update immediately via Google Play or Chrome's built-in update mechanism, as documented in the stable channel advisory at http://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0482630350.html. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-457 – Use of Uninitialized Variable
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-39044
GHSA-53ww-g6wp-vwp6